[39446] in Kerberos
Re: Kerberos TCP retries
daemon@ATHENA.MIT.EDU (Ken Hornstein via Kerberos)
Sun Aug 4 12:53:55 2024
Message-Id: <202408041652.474GqQNq008696@hedwig.cmf.nrl.navy.mil>
To: Dejmek Pavel <pavel.dejmek@o2.cz>
cc: "kerberos@mit.edu" <kerberos@mit.edu>
In-Reply-To: <30c17b47-ea40-4937-b67b-f36d68086678@o2.cz>
MIME-Version: 1.0
Date: Sun, 04 Aug 2024 12:52:26 -0400
From: Ken Hornstein via Kerberos <kerberos@mit.edu>
Reply-To: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
>We discovered that kerberos clients retries to send request after 10sec
>and unfortunately it means that another MFA request is sent. Is there
>any way howto extend this period(10sec to 60sec)?
>
>I have found one commit which can fix this issue, it is #9105 "Wait
>indefinitely on KDC TCP connections" Is there any plan to include this
>commit in future release?
We actually had this discussion here last week:
https://mailman.mit.edu/pipermail/kerberos/2024-July/023175.html
The answers to your questions are: there is no knob to adjust the
client timeout and the above commit will be in MIT Kerberos 1.22.
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos